<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<link href="css/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<table width="90%" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td width="15" align="left" class="headmenu"><img src="image/bar_left.gif" width="15" height="42" /></td>
    <td align="left" bgcolor="#434343" class="headmenu">จัดการผู้ใช้งาน-&gt;รายการทั้งหมด</td>
    <td width="15" align="left" class="headmenu"><img src="image/bar_right.gif" width="15" height="42" /></td>
  </tr>
</table>
<br />
<br />
<?

//*** Add Condition ***//
if($_POST["hdnCmd"] == "Add")
{
	$data = array(
	"username"=>($_POST['username']),
	"password"=>($_POST['password']),
	);
	insert("tb_admin",$data);
	?>
<SCRIPT LANGUAGE="JavaScript">alert("add user suscessfully");window.location='admin.php?mode=user.php';</script>	
<?
	//header("location:$_SERVER[PHP_SELF]");
	//exit();
}

//*** Update Condition ***//
if($_POST["hdnCmd"] == "Update")
{
	$data = array(
	"username"=>($_POST['username2']),
	"password"=>($_POST['password2']),
	);
	update("tb_admin",$data,"id = '".$_POST['id']."'");
	//header("location:$_SERVER[PHP_SELF]");
	//exit();
	?>
<SCRIPT LANGUAGE="JavaScript">alert("update user suscessfully");window.location='admin.php?mode=user.php';</script>	
<?
}

//*** Delete Condition ***//
if($_GET["Action"] == "Del")
{
	delete("tb_admin","id='".$_GET['CusID']."'");
	//header("location:$_SERVER[PHP_SELF]");
	//exit();
	?>
<SCRIPT LANGUAGE="JavaScript">alert("delete user suscessfully");window.location='admin.php?mode=user.php';</script>	
<?
}
if($_SESSION[sess_pv]==1){
	$strSQL = "SELECT * FROM tb_admin";
}else{
	$strSQL = "SELECT * FROM tb_admin where username = '".$_SESSION[sess_uid_admin]."' ";
}
$objQuery = mysql_query($strSQL) or die ("Error Query [".$strSQL."]");
?>
<form name="frmMain" method="post" action="<?=$_SERVER["PHP_SELF"];?>?mode=user.php">
  <div align="center" class="black_s13">
    <input type="hidden" name="hdnCmd" value="">
  </div>
  <table width="90%" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
  <tr bgcolor="#55CB8F" class="text">
    <th width="40%" height="25" bgcolor="#434343" class="headmenu">Username</th>
    <th width="40%" bgcolor="#434343" class="headmenu">Password</th>
    <th colspan="2" bgcolor="#434343" class="headmenu">จัดการ</th>
    </tr>
<?
while($objResult = mysql_fetch_array($objQuery))
{
?>

  <?
	if($objResult["id"] == $_GET["CusID"] and $_GET["Action"] == "Edit")
	{
  ?>
  <tr onmouseover="this.className='menu-over'" onmouseout="this.className='menu'" class="menu">
    <td height="25" bgcolor="#FFFFFF"><div align="center">
		<input type="text" name="username2" size="30" value="<?=$objResult["username"];?>">
    </div></td>
    <td align="center" bgcolor="#FFFFFF">
      <input type="text" name="password2" size="30" value="<?=$objResult["password"];?>" /><input type="hidden" name="id" size="5" value="<?=$objResult["id"];?>" /></td>
    <td colspan="2" align="right" bgcolor="#FFFFFF"><div align="center">
      <input name="btnAdd" type="button" id="btnUpdate" value="Update" OnClick="frmMain.hdnCmd.value='Update';frmMain.submit();">
	  <input name="btnAdd" type="button" id="btnCancel" value="Cancel" OnClick="window.location='<?=$_SERVER["PHP_SELF"];?>?mode=user.php';">
    </div></td>
  </tr>
  <?
	}
  else
	{
  ?>
  <tr onmouseover="this.className='menu-over'" onmouseout="this.className='menu'" class="menu">
    <td height="25" bgcolor="#FFFFFF"><div align="center"><?=$objResult["username"];?></div></td>
    <td align="center" bgcolor="#FFFFFF"><?=$objResult["password"];?></td>
    <td width="55" align="center" bgcolor="#FFFFFF"><a href="admin.php?mode=user.php&Action=Edit&CusID=<?=$objResult["id"];?>" class="black_s13"><img src="image/b_edit.gif" border="0" /></a></td>
    <? if($objResult['username']<>$_SESSION[sess_uid_admin] ){ ?>
	<td width="53" align="center" bgcolor="#FFFFFF"><a href="JavaScript:if(confirm('Confirm Delete?')==true){window.location='<?=$_SERVER["PHP_SELF"];?>?mode=user.php&Action=Del&CusID=<?=$objResult["id"];?>';}" class="black_s13"><img src="image/delete.gif" border="0" /></a></td>
    <? } ?>
  </tr>
  <?
	}
  ?>
<?
}
if($_SESSION[sess_pv]==1){
?>
  <tr onmouseover="this.className='menu-over'" onmouseout="this.className='menu'" class="menu">
    <td height="25" bgcolor="#FFFFFF"><div align="center"><input type="text" name="username" size="30">
    </div></td>
    <td align="center" bgcolor="#FFFFFF"><input type="password" name="password" size="30"></td>
    <td colspan="2" align="right" bgcolor="#FFFFFF"><div align="center">
      <input name="btnAdd" type="button" id="btnAdd" value="Add" OnClick="frmMain.hdnCmd.value='Add';frmMain.submit();">
    </div></td>
  </tr>
 <? } ?>
</table>
</form>

</body>
</html>
